Location-aware services: one more thing to worry about

By William Jackson

Jun 16, 2006

CYBEREYE WILLIAM JACKSON

A new generation of location-based services threatens to open up a whole new can of worms in the debate over privacy. The government reportedly already mines consumer telephone records, and wireless applications that track a user's location could provide a rich new source of data for snoops.

Protecting this data wasthe subject of a recentpanel discussion inWashington hosted bythe Congressional InternetCaucus AdvisoryCommittee. 'It is unclear what privacyrules, if any, apply' to the information, saidJohn Morris of the Center for Democracyand Technology.

But government rules alone, even if theyapply, are not adequate to protect privacy.Recent history makes it clear that effectivecontrol requires rigorous congressionaloversight to ensure that regulations andlaws are being observed, both by companiesthat gather data and by the government.

Technology to pinpoint the location ofwireless users is becoming more sophisticated.There are an estimated 40 millionfixed WiFi access points in the country,and Skyhook Wireless Inc. of Boston plansto use them to track customers.

'We know where they are,' said vice presidentof marketing and development JedRice. 'We currently have 200 people drivingaround the U.S.' By this summer, Skyhookexpects to have mapped access pointsin areas covering 75 percent of the U.S. population.Those maps could be used to deliverlocation-based services to mobile users.

Skyhook is already beta testing one ofthose services. Loki, as it's called, integrateswith Google to provide location-specificWeb searching. WaveMarket Inc.of Emeryville, Calif., is offering a servicethrough Sprint to let family memberstrack each other's cell phones. The DisneyCo. has announced a similar service.

'We think in the next few years, locationservices are going to blossom,' said JimSmolen, WaveMarket's vice president ofstrategic alliances.

As they do, privacy questions come tothe fore. As of now, service and applicationproviders such as Skyhook and WaveMarkettake their privacy rules from their carriercustomers. 'We are outside the reachof regulation,' Rice said. 'What is drivingus now is capitalism.'

Smolen and Rice say their companies donot track customers and do not gather andkeep identifiable data. But some data alwaysresides in the service provider's system,for billing purposes at least, and itcould be vulnerable to warrants or misuse.

FCC did not adopt these regulations. Itrelies instead on a 1999 law requiring carriersto secure location data gleaned fromE911 technology. Butthis is exactly the datathat carriers havebeen accused of turningover to the NationalSecurity Agency.

As it becomes easier to track every cellphone, notebook PC, pager, text messagerand yet-to-be-invented mobile device, theneed to prevent abuse of data becomesmore urgent. Agencies will have to spellout safeguards, and Congress must ensurethat abuses are not tolerated or ignored.

William Jackson is a GCN senior writer. E-mail him at wjackson@postnewsweektech.com.